dovecot: respect the mailDirectory base for LDAP home directories

This change is safe if you have not altered the default value of the
`mailserver.mailDirectory` setting.
Martin Weinelt 2025-05-22 01:52:17 +02:00
parent 6a78dc3375
commit 7cb61e6e3a
No known key found for this signature in database
GPG Key ID: 87C1E9888F856759
3 changed files with 40 additions and 2 deletions


@ -13,6 +13,29 @@ to your setup.
NixOS 25.11 NixOS 25.11
----------- -----------
#2 LDAP home directory migration
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The Dovecot configuration for LDAP home directories previously did not respect
the ``mailserver.mailDirectory`` setting.
This means that home directories were unconditionally located at
``/var/vmail/ldap/%{user}``.
This migration is required if you both:
* enabled the LDAP integration (``mailserver.ldap.enable``)
* and customized the default mail directory (``mailserver.mailDirectory != "/var/vmail"``)
For remediating this issue the following steps are required:
1. Stop ``dovecot2.service``.
2. Move ``/var/vmail/ldap`` below your ``m̀ailserver.mailDirectory``.
3. Update the ``mailserver.stateVersion`` to ``2``.
#1 Initialization
^^^^^^^^^^^^^^^^^
This option was introduced in the NixOS 25.11 release cycle, in which case you This option was introduced in the NixOS 25.11 release cycle, in which case you
can safely initialize its value at `1`. can safely initialize its value at `1`.
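Review bot: Step 2 of the remediation list misspells the option name: the first letter of ``mailserver.mailDirectory`` carries a stray combining accent, so copying or searching for the name from the rendered docs will not match the real option. Please retype it as plain ``mailserver.mailDirectory``. It would also help to spell out the resulting location in that step (the ``ldap`` directory directly under the configured mail directory), since the Dovecot change expects homes at ``<mailDirectory>/ldap/%{user}``.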


@ -1,6 +1,21 @@
{ config, lib, ... }: { config, lib, ... }:
{ {
assertions = lib.optionals config.mailserver.enable [ assertions = [
{
assertion = config.mailserver.stateVersion < 2
&& config.mailserver.ldap.enable
&& config.mailserver.mailDirectory != "/var/vmail";
message = ''
Issue: The dovecot homedir for LDAP users was previously not respecting `mailserver.mailDirectory`.
Remediation:
- Stop the `dovecot2.service`
- Move `/var/vmail/ldap` below your `mailserver.mailDirectory`
- Increase the `stateVersion` to 2.
Check https://nixos-mailserver.readthedocs.io/en/latest/migrations.html#ldap-home-directory-migration for more information.
'';
}
] ++ lib.optionals config.mailserver.enable [
{ {
assertion = config.mailserver.stateVersion != null; assertion = config.mailserver.stateVersion != null;
message = "The `mailserver.stateVersion` option is not set. Check https://nixos-mailserver.readthedocs.io/en/latest/migrations.html to determine the proper value to initialize it at."; message = "The `mailserver.stateVersion` option is not set. Check https://nixos-mailserver.readthedocs.io/en/latest/migrations.html to determine the proper value to initialize it at.";
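Review bot: The condition in the new first assertion looks inverted. A NixOS assertion fails when `assertion` evaluates to false, but `stateVersion < 2 && ldap.enable && mailDirectory != "/var/vmail"` is true exactly for the configurations that still need the migration, so those pass silently while every other configuration (LDAP disabled, default mail directory, or `stateVersion` already at 2) fails with the migration message. Wrapping the whole expression in `!( ... )` gives the intended behaviour. Two further points on the same entry: it sits outside `lib.optionals config.mailserver.enable`, so it is evaluated even when the mailserver is disabled, and it compares `config.mailserver.stateVersion` with `<` before the existing `stateVersion != null` assertion has a chance to report an unset value. Moving it inside the guarded list after the null check, or adding an explicit null test to the condition, avoids an evaluation error in that case.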


@ -356,7 +356,7 @@ in
userdb { userdb {
driver = ldap driver = ldap
args = ${ldapConfFile} args = ${ldapConfFile}
default_fields = home=/var/vmail/ldap/%{user} uid=${toString cfg.vmailUID} gid=${toString cfg.vmailUID} default_fields = home=${cfg.mailDirectory}/ldap/%{user} uid=${toString cfg.vmailUID} gid=${toString cfg.vmailUID}
} }
''} ''}
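Review bot: In the `default_fields` line, `${cfg.mailDirectory}` is interpolated verbatim into a space-separated list of `key=value` fields, so a mail directory containing whitespace would split the `home=` value and corrupt the following `uid=` and `gid=` fields. Consider asserting that `mailserver.mailDirectory` contains no whitespace, or documenting that restriction on the option. Since this changes where Dovecot looks for existing LDAP users' homes as soon as a non-default `mailDirectory` is set, the migration assertion needs to fire reliably before this line takes effect; otherwise users would be handed fresh, empty home directories while their mail stays under `/var/vmail/ldap`.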